Yahoo announced Wednesday that more than one billion accounts have been compromised through a 2013 security breach. The accessed data included users' names, passwords, security questions and contact information, the company said. The news came two months after Yahoo revealed that a similar attack targeted 500 million accounts in 2014.

“As Yahoo previously disclosed in November, law enforcement provided the company with data files that a third party claimed was Yahoo user data,” the Sunnyvale tech conglomerate stated in a press release. “Based on further analysis of this data by the forensic experts, Yahoo believes an unauthorized third party, in August 2013, stole data associated with more than one billion user accounts. The company has not been able to identify the intrusion associated with this theft. Yahoo believes this incident is likely distinct from the incident the company disclosed on September 22, 2016.”

"Most likely, Yahoo recently found out about the breach two years too late," Gary Miliefsky, cyber security expert and founding member of the US Dept. of Homeland Security told Hearst Television on Wednesday. "This happens all the time. According to Fireeye, most breaches are not discovered by the victims for over 280 days, nearly a year."

Miliefsky also believes the breach wasn't the work of a typical online thief.

"My gut says it’s not cyber criminals because of the way the hack occurred," he explained, adding that it could possibly be a "nation-state effort," or a group of hackers working for a government agency outside the US.

Does this mean you should start panicking? Has your personal online identity been compromised? While there’s no way to completely protect yourself from a virtual attack, Miliefsky shared some tips on lowering the odds of being hacked in the future -- and what to do if you think you're already at risk.

2. Create strong passwords that use a combination of letters, numbers and symbols. Don’t share it with anyone. Enable any additional security features that verify your identity, especially on financial sites.

3. Don’t click on suspicious links. Be wary of emails or pop-ups that ask for personal information.

4. Keep a close eye on online banking accounts. Only use credit cards that offer protection from fraudulent transactions for online purchases.

5. Lastly, Miliefsky recommends frequently checking credit reports for unauthorized charges or accounts. If you believe you've already been hacked, request to be placed under fraud alert with reporting bureaus Experian, TransUnion and Equifax. This means any business has to confirm your identity before issuing new credit.